CN103716167B - Method and device for safely collecting and distributing transmission keys - Google Patents
Method and device for safely collecting and distributing transmission keys Download PDFInfo
- Publication number
- CN103716167B CN103716167B CN201310742661.7A CN201310742661A CN103716167B CN 103716167 B CN103716167 B CN 103716167B CN 201310742661 A CN201310742661 A CN 201310742661A CN 103716167 B CN103716167 B CN 103716167B
- Authority
- CN
- China
- Prior art keywords
- module
- key
- packet
- pos terminal
- mtms
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Signal Processing (AREA)
- Accounting & Taxation (AREA)
- Computer Networks & Wireless Communication (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Cash Registers Or Receiving Machines (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Computer And Data Communications (AREA)
- Small-Scale Networks (AREA)
- Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to the field of electronic payment terminals and discloses a method and device for safely collecting and distributing transmission keys. The method includes the generation step and the distribution step. The generation step mainly includes the sub-steps that an operator card is authenticated, a complete machine serial number and a working certificate are loaded, and activation operation is performed on a POS terminal. The distribution step mainly includes the subs-steps that encryption equipment performs encryption and signature on SN-TK data packets in an MTMS system again, and then the SN-TK data packets are distributed to a KMS system. The method and device have the advantages that when each POS terminal is produced, a transmission key (TK) is generated at random, and it is guaranteed that TK data collected by each POS terminal have uniqueness; in the process of TK collection, strict permission verification is performed on an operator, so that safety is guaranteed; in the process of distribution, strict valid verification, and secondary switching encryption and signature are performed, so that accuracy of the collected TK data is guaranteed in the production process.
Description
Technical field
The present invention relates to E-Payment field, particularly relate to a kind of safety and gather and the method for distribution transmission key
And device.
Background technology
Bank card (BANK Card) is more and more universal as the means of payment, common bank card paying system
Single system (POSP), code keypad is received including point of sales terminal (Point Of Sale, POS), POS
And hardware encryption equipment (Hardware and Security Module, HSM) (PINPAD).Wherein POS
Terminal can accept bank card information, has communication function, and the instruction accepting teller completes financial transaction letter
Breath and the equipment exchanged for information about;POS receives single system and manages POS terminal concentratedly, including parameter
Downloading, key is downloaded, and accepts, processes or forward the transaction request of POS terminal, and to POS terminal loopback
Transaction results information, is the system of centralized management and trading processing;Code keypad (PINPAD) is to various
The key that financial transaction is relevant carries out safe storage protection, and PIN is encrypted the safety equipment of protection;
Hardware encryption equipment (HSM) is to the transmission peripheral hardware devices that is encrypted of data, for PIN deciphering,
Verify message and the correctness of document source and storage key.Personal identification code (Personal Identification
Number, PIN), i.e. personal identification number, is the data letter identifying holder's identity legitimacy in on-line transaction
Breath, in cyber-net system, any link does not the most allow to occur in clear text manner;Terminal master key
(Terminal MasterKey, TMK), during POS terminal work, the master being encrypted working key is close
Key, encrypting storing is in system database;POS terminal is widely used in bank card and pays occasion, such as factory
It is purchased thing, hotel accommodations etc., is a kind of indispensable modernization means of payment, incorporate people's life
Various occasions.Bank card, particularly debit card, be the most all provided with PIN by holder, is paying
During, POS terminal, in addition to above sending the data such as the magnetic track information of bank card, also wants holder to input PIN
Identity legitimacy for issuing bank checking holder, it is ensured that bank card safety of payment, the wealth of protection holder
Produce safety.In order to prevent PIN from revealing or being cracked, it is desirable to the mutual mistake of whole information from terminal to issuing bank
Cheng Zhong, whole process carries out safe encipherment protection to PIN, not in any link of computer network system,
PIN occurs in clear text manner, and the POS terminal therefore accepting input PIN at present is desirable that outfit key pipe
Reason system.
The key code system of POS terminal is divided into two grades: terminal master key (TMK) and working key (WK).
Wherein TMK is for being encrypted protection to WK.Every POS terminal has unique TMK, it is necessary to have
Safeguard protection, it is ensured that can only write device and participate in calculate, it is impossible to read;TMK is a root the most crucial
Key, if TMK is intercepted, working key is just easier to be cracked, and is paid by serious threat bank card
Safety.So TMK can download safely to POS terminal, become the key of whole POS terminal safety.
Existing TMK download scenarios is as follows:
1, key mother POS scheme: user receives single system hardware encryption equipment and key mother POS input at POS
The same transmission encryption key.It is close that POS terminal receives single system initiating terminal master by key mother POS to POS
Request downloaded by key, and POS receives single system and drives hardware encryption equipment stochastic generation terminal master key, and adds with transmission
Decryption key encrypted transmission is transmitted further to after key mother POS, key mother POS transmission encryption key decryption
POS terminal, POS terminal obtains terminal master key in plain text, is saved in POS terminal code keypad, thus real
Existing POS terminal and POS receive the synchronization of terminal master key between single system.
2, IC-card deciphering scheme: it is the same with injection in IC-card that user receives single system hardware encryption equipment at POS
Transmission encryption key.IC-card is inserted POS terminal by user, and POS terminal is received single system to POS and initiated eventually
End master key downloads request, and POS receives single system and drives hardware encryption equipment stochastic generation terminal master key, and uses
Transmission encryption keys is transferred to POS terminal, the transmission encryption key decryption in POS terminal IC-card
Terminal master key ciphertext, it is thus achieved that terminal master key in plain text, is saved in POS terminal code keypad, thus realizes
POS terminal and POS receive the synchronization of terminal master key between single system.
Above two scheme all has the disadvantage that: terminal master key occurs in outside safety equipment in plain text, is anti-
Model Key Exposure risk, the download of terminal master key must control to carry out at the safe machine room of administrative center, logical
Cross artificial concentration download terminal master key.This just brings after maintenance centre's machine room workload is big, equipment dispatches from the factory
Needing transport just can be deployed to trade company to administrative center's safe machine room download key causes cost of transportation to rise, be
Lower dress key is concentrated to need a large amount of staff cause into the problems such as this big, maintenance period length of maintenance with the working time.
Summary of the invention
For solving above-mentioned technical problem, the technical scheme that the present invention uses is to provide a kind of safety and gathers
The method of transmission key, including step:
After S101, operation terminal receive input operator's password prompt that MTMS system sends, read and insert
The operator's card entered and the Actor password of input, and operator's card information is sent to MTMS system to test
The legitimacy of card operator's card;
S102, MTMS system judges that the operator's card information received is the most legal, if so, performs step
S103, if it is not, return step S101;
S103, MTMS system sends complete machine serial number SN download instruction to POS terminal, and judge sequence
Whether number SN downloads successfully, if so, enters step S104, if it is not, return step S101;
S104, MTMS system judges whether operator's card is extracted, and if so, returns step S101, if it is not,
Control MTMS system to POS terminal download work certificate;
The work certificate that the checking of S105, POS terminal is downloaded is the most legal, the most then carry from work certificate
Take PKI;
S106, POS terminal stochastic generation transmission cipher key T K;
S107, POS terminal use PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK ciphertext and
Serial number SN transmits to MTMS system;
TK ciphertext and serial number SN are carried out packing and generate SN-TK packet by S108, MTMS system,
And use operator to block SN-TK packet signature;
The SN-TK of corresponding described SN-TK packet is generated success status information by S109, MTMS system
Send to POS terminal;
S110, POS terminal judge whether that receiving SN-TK generates success status information, the most then perform
Step S111, if it is not, then return step S109;
S111, POS terminal are converted to use state to complete to activate from producing state, and generate eventually inspection Success Flag
Send to MTMS system;
S112, MTMS system receives after examining Success Flag eventually, preserves the SN-TK data of this POS terminal
Bag.
Another technical solution used in the present invention is to provide the method for a kind of secure distribution transmission key, bag
Include step:
The serial number SN that S201, MTMS system obtains the POS terminal that need to carry out remote cipher key download is corresponding
SN-TK packet;
S202, MTMS system verifies the legitimacy of SN-TK packet one by one;
S203, MTMS system, according to the customer information corresponding to SN-TK packet, obtains client KMS
Cipher key index number corresponding in system configuration table, and send to encryption equipment, obtain required key information, required
Key includes the private key Pr for being decrypted SN-TK packet, for entering the TK obtained after deciphering
The protection key PK of row symmetric cryptography, for transmission cipher key T K after PK encrypts is calculated
The key MAK of MAC value;
It is close that S204, MTMS system obtains corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment
Key information, is decrypted acquisition TK by Pr to SN-TK packet;
S205, MTMS system obtains corresponding client's PK call number according to customer information corresponding for SN-TK,
Obtain corresponding PK key information according to PK call number from encryption equipment, by PK to TK, SN and
After other data in SN-TK packet are packed, encryption generates new SN-TK packet;
S206, MTMS system obtains corresponding client MAK index according to customer information corresponding for SN-TK
Number, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK to newly
SN-TK packet is signed;
New SN-TK packet after signature is saved in server by S207, MTMS system;
S208, when being transmitted the distribution of cipher key T K, MTMS system will signature after new SN-TK number
Send to KMS system according to bag;
New SN-TK after the signature that S209, KMS system docking receives carries out MAK checking and leads in checking
Later in KMS system, set up the mapping table of new SN-TK.
Another technical solution used in the present invention is to provide a kind of safety and gathers the device of transmission key, bag
Include operation terminal, MTMS system and POS terminal, described MTMS system include the first judge module,
SN downloads control module, the second judge module, packetization module, the first sending module and SN-TK packet
Preserve module, described POS terminal include the first authentication module, TK generation module, the first encrypting module, the
Three judge modules and active module;
Described operation terminal, for after receiving input operator's password prompt that MTMS system sends, is read
Take operator's card and the Actor password of input of insertion, and operator's card information is sent to MTMS system
Legitimacy with verification operation person's card;
Described first judge module is used for judging that operator's card information that MTMS system receives is the most legal,
If so, notice SN downloads control module and performs operation, if it is not, notice operation terminal performs operation;
Described SN downloads control module and is used for sending complete machine serial number SN download instruction to POS terminal, and sentences
Whether disconnected serial number SN downloads successfully, if so, notifies that the second judge module performs judgement, if it is not, notice behaviour
Make terminal and perform operation;
Whether described second judge module is used for judging that operator blocks and extracts, and if so, notice operation terminal performs
Operation, if it is not, control MTMS system to POS terminal download work certificate;
Described first authentication module is for verifying that the work certificate of download is the most legal, the most then from employee's card
Book extracts PKI;
Described TK generation module transmits cipher key T K for stochastic generation;
Described first encrypting module is used for using PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK
Ciphertext and serial number SN transmit to MTMS system;
Described packetization module generates SN-TK for the TK ciphertext received and serial number SN carry out packing
Packet, and use operator to block SN-TK packet signature;
Described first sending module for generating success status letter by the SN-TK of corresponding described SN-TK packet
Breath sends to POS terminal;
Described 3rd judge module is used for judging whether POS terminal receives SN-TK and generate success status letter
Breath, the most then notice active module performs operation, if it is not, notify that the first sending module performs operation;
Described active module is used for making POS terminal be converted to use state to swash to complete POS terminal from producing state
Live, and generate inspection Success Flag transmission eventually to MTMS system;
Described SN-TK packet preserves module for, after receiving whole inspection Success Flag, preserving this POS terminal
SN-TK packet.
Another technical solution used in the present invention is to provide the device of a kind of secure distribution transmission key, bag
Including MTMS system, encryption equipment and KMS system, described MTMS system includes receiver module, second tests
Card module, the 3rd sending module, deciphering module, the second encrypting module, signature blocks, the 4th sending module
With TK distribution module;
Described receiver module is corresponding for the serial number SN obtaining the POS terminal that need to carry out remote cipher key download
SN-TK packet;
Described second authentication module is for verifying the legitimacy of SN-TK packet one by one;
Described 3rd sending module, for according to the customer information corresponding to SN-TK packet, obtains client
Cipher key index number corresponding in KMS system configuration table, and send to encryption equipment, obtain required key information,
Required key includes the private key Pr for being decrypted SN-TK packet, for acquisition after deciphering
TK carries out the protection key PK of symmetric cryptography, based on carrying out transmission cipher key T K after PK encrypts
Calculate the key MAK of MAC value;
Described deciphering module is close for obtaining corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment
Key information, is decrypted acquisition TK by Pr to SN-TK packet;
Described second encrypting module is for obtaining corresponding client's PK rope according to customer information corresponding for SN-TK
Quotation marks, obtain corresponding PK key information according to PK call number from encryption equipment, by PK to TK, SN
And other data in SN-TK packet pack after encryption generate new SN-TK packet;
Described signature blocks is for obtaining corresponding client MAK index according to customer information corresponding for SN-TK
Number, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK to newly
SN-TK packet is signed;
Described 4th sending module is for being saved in server by the new SN-TK packet after signature;
Described TK distribution module is for when being transmitted the distribution of cipher key T K, by the new SN-TK after signature
Packet sends to KMS system;
Described KMS system is for carrying out MAK checking to the new SN-TK after the signature received and testing
Demonstrate,prove the mapping table by the new SN-TK of rear foundation.
The invention has the beneficial effects as follows: every POS terminal is when producing, and transmission cipher key T K is all random producing
Raw, it is ensured that the TK data that every POS terminal is collected possess uniqueness;In TK gatherer process
Operator are carried out strict Authority Verification, the most as much as possible prevents other people from carrying out non-to POS terminal
Method operates, it is ensured that its safety;It addition, to the TK data produced before the KMS system being distributed to client
All carry out legitimate verification, carry out secondary simultaneously and turn encryption and signature, it is ensured that produce the standard of gathered TK data
Really property.
Accompanying drawing explanation
Fig. 1 is the structured flowchart that a kind of safety in an embodiment of the present invention gathers the device of transmission key;
Fig. 2 is the execution flow chart that a kind of safety in an embodiment of the present invention gathers the method for transmission key;
Fig. 3 is the structured flowchart of the device of a kind of secure distribution transmission key in an embodiment of the present invention;
Fig. 4 is the execution flow chart of the method for a kind of secure distribution transmission key in an embodiment of the present invention.
Main element symbol description:
100, operation terminal;
200, MTMS system;210, the first judge module;220, SN downloads control module;230,
Two judge modules;240, packetization module;250, the first sending module;260, SN-TK packet preserves mould
Block;270, receiver module;280, the second authentication module;290, the 3rd sending module;2100, deciphering mould
Block;2110th, two encrypting modules;2120, signature blocks;2130, the 4th sending module;2140、TK
Distribution module;
300, POS terminal;310, the first authentication module;320, TK generation module;330, the first encryption
Module;340, the 3rd judge module;350, active module;
400, encryption equipment;500, KMS system.
Detailed description of the invention
By describing the technology contents of the present invention, structural feature in detail, being realized purpose and effect, below in conjunction with
Embodiment also coordinates accompanying drawing to be explained in detail.
For solving problem present in background technology, the present invention uses a kind of new master key download scenarios, logical
Cross POS terminal and randomly generate TK(Transmission Key, transmit key), the TK after producing preserves
In the code keypad of POS terminal, and by TK by transmission means transmission required under various application scenarios
To KMS system, (Key Management System, key management system, be used for managing terminal master key
TMK) in.
As POS terminal application download terminal master key TMK, KMS system uses TK ciphering terminal master
Cipher key T MK, and the terminal master key ciphertext after encryption is sent to POS terminal, POS terminal is used after receiving
Master key ciphertext is decrypted by TK, obtains terminal master key TMK, and is preserved by terminal master key TMK
In code keypad.
So, by TK ciphering terminal master key TMK, TMK is enable to carry out remote transmission, convenient
The safety of TMK is downloaded.
In some scenarios, use operation terminal to gather the TK that POS terminal produces, and be responsible for by operation terminal
TK is transferred to MTMS system (Material Tracking Management System, Tracing Material system
System, mainly uses in plant produced), MTMS systematic unity manage TK, and TK is sent to phase
The KMS system answered, described course of conveying by CA center (Certificate Authority, certificate authority,
Public Key Infrastructure public key infrastructure technology, special offer network ID authentication clothes are provided
Business, is responsible for signing and issuing and managing digital certificate, and has authoritative and third party's trust authority of fairness) mirror
Do not operate terminal, MTMS system and the identity of KMS system.Use operation terminal to gather TK can facilitate
The rights management that the acquisition operations (can realize a key collection etc.) of TK and TK gather;Use MTMS
System can facilitate and is managed collectively TK, convenient after after-sales service time POS terminal data search with under
Carry, can realize, by producing single bulk transfer TK, facilitating the transfer management of TK by MTMS system, anti-
Only TK misinformates to wrong object;Introducing CA center is possible to prevent pseudo-terminal and pseudo-KMS system to steal TK.
The application scenarios of the present invention is that POS terminal produces TK, and operation terminal gathers TK and is transferred to by TK
Third party's (MTMS system), third party (turn encryption) after processing and be sent to KMS system, KMS
System receive POS terminal download request after with TK encryption TMK after be sent to POS terminal.
The present invention the most just overcome the technical scheme of the problems referred to above be described in detail.
Referring to Fig. 1, Fig. 1 is the device that a kind of safety in an embodiment of the present invention gathers transmission key
Structured flowchart, including including operating terminal 100, MTMS system 200 and POS terminal 300.
Described MTMS system 200 includes that the first judge module 210, SN download control module 220, second
Judge module 230, packetization module the 240, first sending module 250 and SN-TK packet preserve module 260.
Described POS terminal 300 includes that the first authentication module 310, TK generation module 320, first encrypt mould
Block the 330, the 3rd judge module 340 and active module 350.
Described operation terminal 100 is for carrying at the input operator's password receiving MTMS system 200 transmission
After showing, read the operator's card and the Actor password of input inserted, and operator's card information is sent extremely
The legitimacy that MTMS system 200 is blocked with verification operation person.
Described first judge module 210 is for judging that operator's card information that MTMS system 200 receives is
No legal, if so, notice SN downloads control module 220 and performs operation, if it is not, notice operation terminal 100
Perform operation.
Described SN downloads control module 220 and is used for sending complete machine serial number SN download instruction to POS terminal,
And judge whether serial number SN downloads successfully, if so, notify that the second judge module performs judgement, if it is not, logical
Know that operation terminal 100 performs operation.
Whether described second judge module 230 is used for judging that operator blocks and extracts, if so, notice operation terminal
100 perform operation, if it is not, control MTMS system 200 to download work certificate to POS terminal 300.
Described first authentication module 310 is for verifying that the work certificate of download is the most legal, the most then from work
Deposition extracts PKI.
Described TK generation module 320 transmits cipher key T K for stochastic generation.
Described first encrypting module 330 is used for using PKI that transmission cipher key T K encryption is generated TK ciphertext, will
TK ciphertext and serial number SN transmit to MTMS system 200.
Described packetization module 240 generates for the TK ciphertext received and serial number SN carry out packing
SN-TK packet, and use operator to block SN-TK packet signature.
Described first sending module 250 is for generating into an account of somebody's meritorious service by the SN-TK of corresponding described SN-TK packet
State information sends to POS terminal 300.
Described 3rd judge module 340 is used for judging whether POS terminal receives SN-TK and generate success status
Information, the most then notice active module 350 performs operation, if it is not, notify that the first sending module 250 is held
Row operation.
Described active module 350 is used for making POS terminal 300 be converted to use state to complete POS from producing state
Terminal activates, and generates inspection Success Flag transmission eventually to MTMS system 200.
Described SN-TK packet preserves module 260 for, after receiving whole inspection Success Flag, preserving this POS
The SN-TK packet of terminal.
Refer to a kind of safety that Fig. 2, Fig. 2 are corresponding said apparatus in an embodiment of the present invention and gather transmission
The execution flow chart of the method for key, the method comprising the steps of:
After S101, operation terminal receive input operator's password prompt that MTMS system sends, read and insert
The operator's card entered and the Actor password of input, and operator's card information is sent to MTMS system to test
The legitimacy of card operator's card;
S102, MTMS system judges that the operator's card information received is the most legal, if so, performs step
S103, if it is not, return step S101;
S103, MTMS system sends complete machine serial number SN download instruction to POS terminal, and judge sequence
Whether number SN downloads successfully, if so, enters step S104, if it is not, return step S101;
S104, MTMS system judges whether operator's card is extracted, and if so, returns step S101, if it is not,
Control MTMS system to POS terminal download work certificate;
The work certificate that the checking of S105, POS terminal is downloaded is the most legal, the most then carry from work certificate
Take PKI;
S106, POS terminal stochastic generation transmission cipher key T K;
S107, POS terminal use PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK ciphertext and
Serial number SN transmits to MTMS system;
TK ciphertext and serial number SN are carried out packing and generate SN-TK packet by S108, MTMS system,
And use operator to block SN-TK packet signature;
The SN-TK of corresponding described SN-TK packet is generated success status information by S109, MTMS system
Send to POS terminal;
S110, POS terminal judge whether that receiving SN-TK generates success status information, the most then perform
Step S111, if it is not, then return step S109;
S111, POS terminal are converted to use state to complete to activate from producing state, and generate eventually inspection Success Flag
Send to MTMS system;
S112, MTMS system receives after examining Success Flag eventually, preserves the SN-TK data of this POS terminal
Bag.
Refer to the device that Fig. 3, Fig. 3 are a kind of secure distribution transmission key in an embodiment of the present invention,
Including MTMS system 200, encryption equipment 400 and KMS system 500.
Described MTMS system 200 includes that receiver module the 270, second authentication module the 280, the 3rd sends mould
Block 290, deciphering module the 2100, second encrypting module 2110, signature blocks the 2120, the 4th sending module 2130
With TK distribution module 2140.
Described receiver module 270 is for obtaining the serial number SN of the POS terminal that need to carry out remote cipher key download
Corresponding SN-TK packet.
Described second authentication module 280 is for verifying the legitimacy of SN-TK packet one by one.
Described 3rd sending module 290, for according to the customer information corresponding to SN-TK packet, obtains visitor
Cipher key index number corresponding in the KMS system configuration table of family, and send to encryption equipment 400, obtain required key
Information, required key includes the private key Pr for being decrypted SN-TK packet, for obtaining after deciphering
The TK taken carries out the protection key PK of symmetric cryptography, for transmission cipher key T K after PK encrypts
Carry out calculating the key MAK of MAC value.
Described deciphering module 2100 is right for obtaining from encryption equipment 400 according to Pr call number corresponding for SN-TK
The Pr key information answered, is decrypted acquisition TK by Pr to SN-TK packet.
Described second encrypting module 2110 is for obtaining corresponding client according to customer information corresponding for SN-TK
PK call number, obtains the PK key information of correspondence, by PK pair according to PK call number from encryption equipment 400
After other data in TK, SN and SN-TK packet are packed, encryption generates new SN-TK packet.
Described signature blocks 2120 is for obtaining corresponding client MAK according to customer information corresponding for SN-TK
Call number, obtains the MAK key information of correspondence, passes through MAK according to MAK call number from encryption equipment 400
New SN-TK packet is signed.
Described 4th sending module 2130 is for being saved in server by the new SN-TK packet after signature.
Described TK distribution module 2140, will new after signature for when being transmitted the distribution of cipher key T K
SN-TK packet sends to KMS system 500.
Described KMS system 500 is verified also for the new SN-TK after the signature received carries out MAK
The mapping table of new SN-TK is set up after being verified.
Wherein, also include POS terminal, described KMS system also includes TMK encrypting module, TMK
Sending module, described POS terminal includes that TMK downloads request module and TMK deciphering module.
Described TMK encrypting module is for using the TK terminal master key TMK to being stored in KMS system
It is encrypted generation TMK ciphertext and preserves.
Described TMK downloads request module and downloads solicited message for sending TMK to KMS system, should
Seek the SN comprising POS terminal in information.
Described TMK sending module for by the SN in solicited message by should the TK of SN encrypted
TMK ciphertext send to POS terminal.
Described TMK deciphering module obtains TMK after being used for using TK to be decrypted TMK ciphertext.
Refer to a kind of secure distribution transmission that Fig. 4, Fig. 4 are corresponding said apparatus in an embodiment of the present invention
The execution flow chart of the method for key, the method comprising the steps of:
The serial number SN that S201, MTMS system obtains the POS terminal that need to carry out remote cipher key download is corresponding
SN-TK packet;
S202, MTMS system verifies the legitimacy of SN-TK packet one by one;
S203, MTMS system, according to the customer information corresponding to SN-TK packet, obtains client KMS
Cipher key index number corresponding in system configuration table, and send to encryption equipment, obtain required key information, required
Key includes the private key Pr for being decrypted SN-TK packet, for entering the TK obtained after deciphering
The protection key PK of row symmetric cryptography, for transmission cipher key T K after PK encrypts is calculated
The key MAK of MAC value;
It is close that S204, MTMS system obtains corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment
Key information, is decrypted acquisition TK by Pr to SN-TK packet;
S205, MTMS system obtains corresponding client's PK call number according to customer information corresponding for SN-TK,
Obtain corresponding PK key information according to PK call number from encryption equipment, by PK to TK, SN and
After other data in SN-TK packet are packed, encryption generates new SN-TK packet;
S206, MTMS system obtains corresponding client MAK index according to customer information corresponding for SN-TK
Number, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK to newly
SN-TK packet is signed;
New SN-TK packet after signature is saved in server by S207, MTMS system;
S208, when being transmitted the distribution of cipher key T K, MTMS system will signature after new SN-TK number
Send to KMS system according to bag;
New SN-TK after the signature that S209, KMS system docking receives carries out MAK checking and leads in checking
Later in KMS system, set up the mapping table of new SN-TK.
Wherein, further comprise the steps of: after step S209
S210, KMS system uses TK to add the terminal master key TMK being stored in KMS system
Close generation TMK ciphertext also preserves;
S211, POS terminal send TMK to KMS system and download solicited message, comprise in this solicited message
The SN of POS terminal;
S212, KMS system by the SN in solicited message by should the TMK encrypted for TK of SN
Ciphertext sends to POS terminal;
S212, POS terminal use TK to obtain TMK after being decrypted TMK ciphertext.
The beneficial effects of the present invention is, every POS terminal is when producing, and transmission cipher key T K is all random
Produce, it is ensured that the TK data that every POS terminal is collected possess uniqueness;At TK gatherer process
In operator are carried out strict Authority Verification, the most as much as possible prevent other people from POS terminal being carried out
Illegal operation, it is ensured that its safety;It addition, the TK data produced are being distributed to the KMS system of client
Before all carry out legitimate verification, carry out simultaneously secondary turn encryption and signature, it is ensured that produce gathered TK data
Accuracy.
The foregoing is only embodiments of the invention, not thereby limit the scope of the claims of the present invention, every profit
The equivalent structure made by description of the invention and accompanying drawing content or equivalence flow process conversion, or directly or indirectly transport
It is used in other relevant technical fields, is the most in like manner included in the scope of patent protection of the present invention.
Claims (6)
1. the method that a safety gathers transmission key, it is characterised in that include step:
After S101, operation terminal receive input operator's password prompt that MTMS system sends, read and insert
The operator's card entered and the Actor password of input, and operator's card information is sent to MTMS system to test
The legitimacy of card operator's card;Described MTMS system is Tracing Material system;
S102, MTMS system judges that the operator's card information received is the most legal, if so, performs step
S103, if it is not, return step S101;
S103, MTMS system transmission complete machine serial number SN download instruction is to POS terminal, and judges sequence
Whether row SN downloads successfully, if so, enters step S104, if it is not, return step S101;
S104, MTMS system judges whether operator's card is extracted, and if so, returns step S101, if it is not,
Control MTMS system to POS terminal download work certificate;
The work certificate that the checking of S105, POS terminal is downloaded is the most legal, the most then carry from work certificate
Take PKI;
S106, POS terminal stochastic generation transmission cipher key T K;
S107, POS terminal use PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK ciphertext
Transmit to MTMS system with serial number SN;
TK ciphertext and serial number SN are carried out packing and generate SN-TK packet by S108, MTMS system,
And use operator to block SN-TK packet signature;
The SN-TK of corresponding described SN-TK packet is generated success status information by S109, MTMS system
Send to POS terminal;
S110, POS terminal judge whether that receiving SN-TK generates success status information, the most then hold
Row step S111, if it is not, then return step S109;
S111, POS terminal are converted to use state to complete to activate from producing state, and generate eventually inspection Success Flag
Send to MTMS system;
S112, MTMS system receives after examining Success Flag eventually, preserves the SN-TK data of this POS terminal
Bag.
2. the method for secure distribution transmission key, it is characterised in that include step:
S201, MTMS system obtains serial number SN pair of the POS terminal that need to carry out remote cipher key download
The SN-TK packet answered;Described MTMS system is Tracing Material system;
S202, MTMS system verifies the legitimacy of SN-TK packet one by one;
S203, MTMS system, according to the customer information corresponding to SN-TK packet, obtains client KMS
Cipher key index number corresponding in system configuration table, and send to encryption equipment, obtain required key information,
Required
Key includes the private key Pr for being decrypted SN-TK packet, for acquisition after deciphering
TK carries out the protection key PK of symmetric cryptography, for carrying out transmission cipher key T K after PK encrypts
Calculate the key MAK of MAC value;
S204, MTMS system obtains corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment
Key information, is decrypted acquisition TK by Pr to SN-TK packet;
S205, MTMS system obtains corresponding client PK index according to customer information corresponding for SN-TK
Number, obtain corresponding PK key information according to PK call number from encryption equipment, by PK to TK, SN with
And other data in SN-TK packet pack after encryption generate new SN-TK packet;
S206, MTMS system obtains corresponding client's MAK rope according to customer information corresponding for SN-TK
Quotation marks, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK pair
New SN-TK packet is signed;
New SN-TK packet after signature is saved in server by S207, MTMS system;
S208, when being transmitted the distribution of cipher key T K, MTMS system will signature after new SN-TK number
Send to KMS system according to bag;
New SN-TK after the signature that S209, KMS system docking receives carries out MAK checking and in checking
In KMS system, the mapping table of new SN-TK is set up after by.
The method of a kind of secure distribution the most according to claim 2 transmission key, it is characterised in that:
Also include after step S209:
S210, KMS system uses TK to carry out the terminal master key TMK being stored in KMS system
Encryption generates TMK ciphertext and preserves;
S211, POS terminal send TMK to KMS system and download solicited message, wrap in this solicited message
SN containing POS terminal;
S212, KMS system by the SN in solicited message by should the TMK encrypted for TK of SN
Ciphertext sends to POS terminal;S212, POS terminal use TK to obtain after being decrypted TMK ciphertext
Take TMK.
4. a safety gathers the device transmitting key, it is characterised in that include operating terminal, MTMS system
System and POS terminal, described MTMS system include the first judge module, SN download control module, the
Two judge modules, packetization module, the first sending module and SN-TK packet preserve module, and described POS is eventually
End includes the first authentication module, TK generation module, the first encrypting module, the 3rd judge module and active module;
Described MTMS system is Tracing Material system;
Described operation terminal is used for after receiving input operator's password prompt that MTMS system sends,
Read the operator's card and the Actor password of input inserted, and operator's card information is sent to MTMS system
System is with the legitimacy of verification operation person's card;
Described first judge module is for judging whether operator's card information that MTMS system receives closes
Method,
If so, notice SN downloads control module and performs operation, if it is not, notice operation terminal performs operation;
Described SN downloads control module and is used for sending complete machine serial number SN download instruction to POS terminal, and
Judge whether serial number SN downloads successfully, if so, notify that the second judge module performs judgement, if it is not, logical
Know that operation terminal performs operation;
Whether described second judge module is used for judging that operator blocks and extracts, and if so, notice operation terminal performs
Operation, if it is not, control MTMS system to POS terminal download work certificate;
Described first authentication module is for verifying that the work certificate of download is the most legal, the most then from employee's card
Book extracts PKI;
Described TK generation module transmits cipher key T K for stochastic generation;
Described first encrypting module is used for using PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK
Ciphertext and serial number SN transmit to MTMS system;
Described packetization module generates SN-TK for the TK ciphertext received and serial number SN carry out packing
Packet, and use operator to block SN-TK packet signature;
Described first sending module for generating success status letter by the SN-TK of corresponding described SN-TK packet
Breath sends to POS terminal;
Described 3rd judge module is used for judging whether POS terminal receives SN-TK and generate success status letter
Breath, the most then notice active module performs operation, if it is not, notify that the first sending module performs operation;
Described active module is used for making POS terminal be converted to use state to swash to complete POS terminal from producing state
Live, and generate inspection Success Flag transmission eventually to MTMS system;
Described SN-TK packet preserves module for, after receiving whole inspection Success Flag, preserving this POS eventually
The SN-TK packet of end.
5. the device of a secure distribution transmission key, it is characterised in that include MTMS system, encryption
Machine and KMS system, described MTMS system includes receiver module, the second authentication module, the 3rd transmission mould
Block, deciphering module, the second encrypting module, signature blocks, the 4th sending module and TK distribution module;Institute
Stating MTMS system is Tracing Material system;
Described receiver module is for obtaining serial number SN pair of the POS terminal that need to carry out remote cipher key download
The SN-TK packet answered;
Described second authentication module is for verifying the legitimacy of SN-TK packet one by one;
Described 3rd sending module, for according to the customer information corresponding to SN-TK packet, obtains client
Cipher key index number corresponding in KMS system configuration table, and send to encryption equipment, obtain required key information,
Required key includes the private key Pr for being decrypted SN-TK packet, for obtaining after deciphering
TK carry out symmetric cryptography protection key PK, for through PK encrypt after transmission cipher key T K enter
Row calculates the key MAK of MAC value;
Described deciphering module is for obtaining corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment
Key information, is decrypted acquisition TK by Pr to SN-TK packet;
Described second encrypting module is for obtaining corresponding client PK according to customer information corresponding for SN-TK
Call number, obtains corresponding PK key information according to PK call number from encryption equipment, by PK to TK,
After other data in SN and SN-TK packet are packed, encryption generates new SN-TK packet;
Described signature blocks is for obtaining corresponding client's MAK rope according to customer information corresponding for SN-TK
Quotation marks, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK pair
New SN-TK packet is signed;
Described 4th sending module is for being saved in server by the new SN-TK packet after signature;
Described TK distribution module, will new after signature for when being transmitted the distribution of cipher key T K
SN-TK packet sends to KMS system;
Described KMS system for the new SN-TK after the signature received carried out MAK checking and
The mapping table of new SN-TK is set up after being verified.
The device of a kind of secure distribution the most according to claim 5 transmission key, it is characterised in that: also
Including POS terminal, described KMS system also includes TMK encrypting module, TMK sending module,
Described POS terminal includes that TMK downloads request module and TMK deciphering module;
Described TMK encrypting module is for using the TK terminal master key to being stored in KMS system
TMK is encrypted generation TMK ciphertext and preserves;
Described TMK downloads request module and downloads solicited message for sending TMK to KMS system, should
Solicited message comprises the SN of POS terminal;
Described TMK sending module for by the SN in solicited message by should SN TK encrypt
The TMK ciphertext crossed sends to POS terminal;
Described TMK deciphering module obtains TMK after being used for using TK to be decrypted TMK ciphertext.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310742661.7A CN103716167B (en) | 2013-03-15 | 2013-12-27 | Method and device for safely collecting and distributing transmission keys |
Applications Claiming Priority (13)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013100846716 | 2013-03-15 | ||
CN201310084673.5 | 2013-03-15 | ||
CN2013100843972 | 2013-03-15 | ||
CN2013100846716A CN103220270A (en) | 2013-03-15 | 2013-03-15 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
CN201310084397.2 | 2013-03-15 | ||
CN2013100846538 | 2013-03-15 | ||
CN2013100846735 | 2013-03-15 | ||
CN201310084671.6 | 2013-03-15 | ||
CN201310084653.8 | 2013-03-15 | ||
CN2013100846538A CN103237005A (en) | 2013-03-15 | 2013-03-15 | Method and system for key management |
CN2013100846735A CN103220271A (en) | 2013-03-15 | 2013-03-15 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
CN2013100843972A CN103237004A (en) | 2013-03-15 | 2013-03-15 | Key download method, key management method, method, device and system for download management |
CN201310742661.7A CN103716167B (en) | 2013-03-15 | 2013-12-27 | Method and device for safely collecting and distributing transmission keys |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103716167A CN103716167A (en) | 2014-04-09 |
CN103716167B true CN103716167B (en) | 2017-01-11 |
Family
ID=50363015
Family Applications (28)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310740644.XA Active CN103714638B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of quick position terminal master key failed download |
CN201310740231.1A Active CN103714635B (en) | 2013-03-15 | 2013-12-27 | A kind of POS terminal and terminal master key downloading mode collocation method thereof |
CN201310741948.8A Active CN103714639B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system that realize the operation of POS terminal security |
CN201310740642.0A Active CN103731259B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740360.0A Active CN103714636B (en) | 2013-03-15 | 2013-12-27 | A kind of method of batch capture and upload transfers cipher key T K data and operating terminal |
CN201310740158.8A Active CN103716320B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740537.7A Active CN103746800B (en) | 2013-03-15 | 2013-12-27 | TMK (terminal master key) safe downloading method and system |
CN201310740540.9A Active CN103716154B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740308.5A Active CN103729941B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
CN201310740430.2A Active CN103729943B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system transmission security key being imported KMS system |
CN201310742991.6A Active CN103714641B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK method for safely downloading and system |
CN201310740285.8A Active CN103729940B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
CN201310740226.0A Active CN103714634B (en) | 2013-03-15 | 2013-12-27 | A kind of method of main key of secure download terminal and system |
CN201310740574.8A Active CN103729945B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
CN201310742886.2A Active CN103716321B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740264.6A Active CN103701812B (en) | 2013-03-15 | 2013-12-27 | TMK (Terminal Master Key) secure downloading method and system |
CN201310740567.8A Active CN103729944B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
CN201310742681.4A Active CN103714640B (en) | 2013-03-15 | 2013-12-27 | A kind of sending method of transmission security key and system |
CN201310740410.5A Active CN103729942B (en) | 2013-03-15 | 2013-12-27 | Transmission security key is transferred to the method and system of key server from terminal server |
CN201310740100.3A Active CN103714633B (en) | 2013-03-15 | 2013-12-27 | A kind of method of safe generating transmission key and POS terminal |
CN201310742686.7A Active CN103745351B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
CN201310740188.9A Active CN103716153B (en) | 2013-03-15 | 2013-12-27 | Terminal master key TMK safety downloading method and systems |
CN201310742661.7A Active CN103716167B (en) | 2013-03-15 | 2013-12-27 | Method and device for safely collecting and distributing transmission keys |
CN201310741949.2A Active CN103731260B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and system |
CN201310740244.9A Active CN103701609B (en) | 2013-03-15 | 2013-12-27 | A kind of server and the method and system operating terminal two-way authentication |
CN201310742648.1A Active CN103716155B (en) | 2013-03-15 | 2013-12-27 | A kind of method of automated maintenance POS terminal and operation terminal |
CN201310740380.8A Active CN103714637B (en) | 2013-03-15 | 2013-12-27 | A kind of transmission security key sending method and system, operating terminal |
CN201310742713.0A Active CN103701610B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
Family Applications Before (22)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310740644.XA Active CN103714638B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of quick position terminal master key failed download |
CN201310740231.1A Active CN103714635B (en) | 2013-03-15 | 2013-12-27 | A kind of POS terminal and terminal master key downloading mode collocation method thereof |
CN201310741948.8A Active CN103714639B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system that realize the operation of POS terminal security |
CN201310740642.0A Active CN103731259B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740360.0A Active CN103714636B (en) | 2013-03-15 | 2013-12-27 | A kind of method of batch capture and upload transfers cipher key T K data and operating terminal |
CN201310740158.8A Active CN103716320B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740537.7A Active CN103746800B (en) | 2013-03-15 | 2013-12-27 | TMK (terminal master key) safe downloading method and system |
CN201310740540.9A Active CN103716154B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740308.5A Active CN103729941B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
CN201310740430.2A Active CN103729943B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system transmission security key being imported KMS system |
CN201310742991.6A Active CN103714641B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK method for safely downloading and system |
CN201310740285.8A Active CN103729940B (en) | 2013-03-15 | 2013-12-27 | A kind of main cipher key T MK method for safely downloading of terminal and system |
CN201310740226.0A Active CN103714634B (en) | 2013-03-15 | 2013-12-27 | A kind of method of main key of secure download terminal and system |
CN201310740574.8A Active CN103729945B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
CN201310742886.2A Active CN103716321B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and systems |
CN201310740264.6A Active CN103701812B (en) | 2013-03-15 | 2013-12-27 | TMK (Terminal Master Key) secure downloading method and system |
CN201310740567.8A Active CN103729944B (en) | 2013-03-15 | 2013-12-27 | A kind of method and system of secure download terminal master key |
CN201310742681.4A Active CN103714640B (en) | 2013-03-15 | 2013-12-27 | A kind of sending method of transmission security key and system |
CN201310740410.5A Active CN103729942B (en) | 2013-03-15 | 2013-12-27 | Transmission security key is transferred to the method and system of key server from terminal server |
CN201310740100.3A Active CN103714633B (en) | 2013-03-15 | 2013-12-27 | A kind of method of safe generating transmission key and POS terminal |
CN201310742686.7A Active CN103745351B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
CN201310740188.9A Active CN103716153B (en) | 2013-03-15 | 2013-12-27 | Terminal master key TMK safety downloading method and systems |
Family Applications After (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310741949.2A Active CN103731260B (en) | 2013-03-15 | 2013-12-27 | A kind of terminal master key TMK safety downloading method and system |
CN201310740244.9A Active CN103701609B (en) | 2013-03-15 | 2013-12-27 | A kind of server and the method and system operating terminal two-way authentication |
CN201310742648.1A Active CN103716155B (en) | 2013-03-15 | 2013-12-27 | A kind of method of automated maintenance POS terminal and operation terminal |
CN201310740380.8A Active CN103714637B (en) | 2013-03-15 | 2013-12-27 | A kind of transmission security key sending method and system, operating terminal |
CN201310742713.0A Active CN103701610B (en) | 2013-03-15 | 2013-12-27 | A kind of acquisition method and system for transmitting cipher key T K |
Country Status (2)
Country | Link |
---|---|
CN (28) | CN103714638B (en) |
WO (5) | WO2014139408A1 (en) |
Families Citing this family (112)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103714638B (en) * | 2013-03-15 | 2015-09-30 | 福建联迪商用设备有限公司 | A kind of method and system of quick position terminal master key failed download |
CN105281896B (en) * | 2014-07-17 | 2018-11-27 | 深圳华智融科技股份有限公司 | A kind of key POS machine Activiation method and system based on elliptic curve |
CN104270346B (en) * | 2014-09-12 | 2017-10-13 | 北京天行网安信息技术有限责任公司 | The methods, devices and systems of two-way authentication |
CN105991536A (en) * | 2014-11-07 | 2016-10-05 | 天地融科技股份有限公司 | Data interaction system |
CN104363090A (en) * | 2014-11-19 | 2015-02-18 | 成都卫士通信息产业股份有限公司 | Secret key distribution device and method for enhancing safety of banking terminal equipment |
CN105681263B (en) * | 2014-11-20 | 2019-02-12 | 广东华大互联网股份有限公司 | A kind of secrete key of smart card remote application method and application system |
CN104486323B (en) * | 2014-12-10 | 2017-10-31 | 福建联迪商用设备有限公司 | A kind of POS terminal controlled networking activation method and device safely |
CN104410641B (en) * | 2014-12-10 | 2017-12-08 | 福建联迪商用设备有限公司 | A kind of POS terminal controlled networking activation method and device safely |
US9485250B2 (en) * | 2015-01-30 | 2016-11-01 | Ncr Corporation | Authority trusted secure system component |
CN105989472A (en) * | 2015-03-06 | 2016-10-05 | 华立科技股份有限公司 | Wireless mobile configuration, wireless payment configuration and wireless payment configuration method of electric energy measurement system, and public commodity wireless payment configuration |
CN106204034B (en) * | 2015-04-29 | 2019-07-23 | 中国电信股份有限公司 | Using the mutual authentication method and system of interior payment |
CN105117665B (en) * | 2015-07-16 | 2017-10-31 | 福建联迪商用设备有限公司 | A kind of end product pattern and the method and system of development mode handoff-security |
CN105184121A (en) * | 2015-09-02 | 2015-12-23 | 上海繁易电子科技有限公司 | Hardware authorization system and method using remote server |
CN106559218A (en) * | 2015-09-29 | 2017-04-05 | 中国电力科学研究院 | A kind of safe acquisition method of intelligent substation continuous data |
CN105243542B (en) * | 2015-11-13 | 2021-07-02 | 咪付(广西)网络技术有限公司 | Dynamic electronic certificate authentication method |
CN105260884A (en) * | 2015-11-18 | 2016-01-20 | 北京微智全景信息技术有限公司 | POS machine key distributing method and device |
CN105530241B (en) * | 2015-12-07 | 2018-12-28 | 咪付(广西)网络技术有限公司 | The authentication method of mobile intelligent terminal and POS terminal |
CN105574722A (en) * | 2015-12-11 | 2016-05-11 | 福建新大陆支付技术有限公司 | Authorization IC card based remote online authorization method for payment terminal |
CN105930718A (en) * | 2015-12-29 | 2016-09-07 | 中国银联股份有限公司 | Method and apparatus for switching point-of-sale (POS) terminal modes |
CN105656669B (en) * | 2015-12-31 | 2019-01-01 | 福建联迪商用设备有限公司 | The remote repairing method of electronic equipment, is repaired equipment and system at equipment |
CN105681032B (en) | 2016-01-08 | 2017-09-12 | 腾讯科技(深圳)有限公司 | Method for storing cipher key, key management method and device |
CN105743654A (en) * | 2016-02-02 | 2016-07-06 | 上海动联信息技术股份有限公司 | POS machine secret key remote downloading service system and secret key downloading method |
CN105790934B (en) * | 2016-03-04 | 2019-03-15 | 中国银联股份有限公司 | A kind of adaptive POS terminal configuration method configures power assignment method with it |
CN107294722A (en) * | 2016-03-31 | 2017-10-24 | 阿里巴巴集团控股有限公司 | A kind of terminal identity authentication method, apparatus and system |
CN105978856B (en) * | 2016-04-18 | 2019-01-25 | 随行付支付有限公司 | A kind of POS machine key downloading method, apparatus and system |
CN106059771A (en) * | 2016-05-06 | 2016-10-26 | 上海动联信息技术股份有限公司 | Intelligent POS machine secret key management system and method |
CN106097608B (en) * | 2016-06-06 | 2018-07-27 | 福建联迪商用设备有限公司 | Remote cipher key method for down loading and system, acquirer and target POS terminal |
CN106127461A (en) * | 2016-06-16 | 2016-11-16 | 中国银联股份有限公司 | Bi-directional verification method of mobile payment and system |
CN107563712A (en) * | 2016-06-30 | 2018-01-09 | 中兴通讯股份有限公司 | A kind of mobile terminal punch card method, device, equipment and system |
CN106027247A (en) * | 2016-07-29 | 2016-10-12 | 宁夏丝路通网络支付有限公司北京分公司 | Method for remotely issuing POS key |
CN106100854A (en) * | 2016-08-16 | 2016-11-09 | 黄朝 | The reverse authentication method of terminal unit based on authority's main body and system |
CN107800538B (en) * | 2016-09-01 | 2021-01-29 | 中电长城(长沙)信息技术有限公司 | Remote key distribution method for self-service equipment |
US11018860B2 (en) | 2016-10-28 | 2021-05-25 | Microsoft Technology Licensing, Llc | Highly available and reliable secret distribution infrastructure |
CN106571915A (en) * | 2016-11-15 | 2017-04-19 | 中国银联股份有限公司 | Terminal master key setting method and apparatus |
CN106603496B (en) * | 2016-11-18 | 2019-05-21 | 新智数字科技有限公司 | A kind of guard method, smart card, server and the communication system of data transmission |
CN106656488B (en) * | 2016-12-07 | 2020-04-03 | 百富计算机技术(深圳)有限公司 | Key downloading method and device for POS terminal |
CN106712939A (en) * | 2016-12-27 | 2017-05-24 | 百富计算机技术(深圳)有限公司 | Offline key transmission method and device |
US10432730B1 (en) | 2017-01-25 | 2019-10-01 | United States Of America As Represented By The Secretary Of The Air Force | Apparatus and method for bus protection |
CN106953731B (en) * | 2017-02-17 | 2020-05-12 | 福建魔方电子科技有限公司 | Authentication method and system for terminal administrator |
CN107466455B (en) * | 2017-03-15 | 2021-05-04 | 深圳大趋智能科技有限公司 | POS machine security verification method and device |
US10296477B2 (en) | 2017-03-30 | 2019-05-21 | United States of America as represented by the Secretary of the AirForce | Data bus logger |
CN106997533B (en) * | 2017-04-01 | 2020-10-13 | 福建实达电脑设备有限公司 | POS terminal product safety production authorization management system and method |
CN107094138B (en) * | 2017-04-11 | 2019-09-13 | 郑州信大捷安信息技术股份有限公司 | A kind of smart home safe communication system and communication means |
CN107070925A (en) * | 2017-04-18 | 2017-08-18 | 上海赛付网络科技有限公司 | A kind of terminal applies and the anti-tamper method of background service communication packet |
CN107104795B (en) * | 2017-04-25 | 2020-09-04 | 上海汇尔通信息技术有限公司 | Method, framework and system for injecting RSA key pair and certificate |
CN107301437A (en) * | 2017-05-31 | 2017-10-27 | 江苏普世祥光电技术有限公司 | A kind of control system of square landscape lamp |
CN107360652A (en) * | 2017-05-31 | 2017-11-17 | 江苏普世祥光电技术有限公司 | A kind of control method of square landscape lamp |
CN107358441B (en) * | 2017-06-26 | 2020-12-18 | 北京明华联盟科技有限公司 | Payment verification method and system, mobile device and security authentication device |
WO2019023979A1 (en) * | 2017-08-02 | 2019-02-07 | 福建联迪商用设备有限公司 | Method for generating configurable pos machine secret key pair, and storage medium |
CN107666420B (en) * | 2017-08-30 | 2020-12-15 | 宁波梦居智能科技有限公司 | Method for production control and identity authentication of intelligent home gateway |
CN107392591B (en) * | 2017-08-31 | 2020-02-07 | 恒宝股份有限公司 | Online recharging method and system for industry card and Bluetooth read-write device |
CN107888379A (en) * | 2017-10-25 | 2018-04-06 | 百富计算机技术(深圳)有限公司 | A kind of method of secure connection, POS terminal and code keypad |
WO2019080095A1 (en) * | 2017-10-27 | 2019-05-02 | 福建联迪商用设备有限公司 | Financial payment terminal activation method and system |
CN107835170B (en) * | 2017-11-04 | 2021-04-20 | 上海动联信息技术股份有限公司 | Intelligent Pos equipment safety authorization dismantling system and method |
CN107993062A (en) * | 2017-11-27 | 2018-05-04 | 百富计算机技术(深圳)有限公司 | POS terminal method of commerce, device, computer equipment and readable storage medium storing program for executing |
CN107944250B (en) * | 2017-11-28 | 2021-04-13 | 艾体威尔电子技术(北京)有限公司 | Key acquisition method applied to POS machine |
CN107919962B (en) * | 2017-12-22 | 2021-01-15 | 国民认证科技(北京)有限公司 | Internet of things equipment registration and authentication method |
CN108365950A (en) * | 2018-01-03 | 2018-08-03 | 深圳怡化电脑股份有限公司 | The generation method and device of financial self-service equipment key |
CN108390851B (en) * | 2018-01-05 | 2020-07-03 | 郑州信大捷安信息技术股份有限公司 | Safe remote control system and method for industrial equipment |
WO2019136736A1 (en) * | 2018-01-15 | 2019-07-18 | 福建联迪商用设备有限公司 | Software encryption terminal, payment terminal, and software package encryption and decryption method and system |
WO2019153119A1 (en) * | 2018-02-06 | 2019-08-15 | 福建联迪商用设备有限公司 | Method for transmitting key, receiving terminal and distribution terminal |
CN108446539B (en) * | 2018-03-16 | 2023-01-13 | 福建深空信息技术有限公司 | Software authorization method and software authorization file generation system |
CN108496194A (en) * | 2018-03-21 | 2018-09-04 | 福建联迪商用设备有限公司 | A kind of method, server-side and the system of verification terminal legality |
CN108496323B (en) * | 2018-03-21 | 2020-01-21 | 福建联迪商用设备有限公司 | Certificate importing method and terminal |
CN108513704B (en) * | 2018-04-17 | 2021-01-19 | 福建联迪商用设备有限公司 | Remote distribution method and system of terminal master key |
CN108737106B (en) * | 2018-05-09 | 2021-06-01 | 深圳壹账通智能科技有限公司 | User authentication method and device on block chain system, terminal equipment and storage medium |
CN108833088A (en) * | 2018-05-22 | 2018-11-16 | 珠海爱付科技有限公司 | A kind of POS terminal Activiation method |
CN110581829A (en) * | 2018-06-08 | 2019-12-17 | 中国移动通信集团有限公司 | Communication method and device |
CN109218293B (en) * | 2018-08-21 | 2021-09-21 | 西安得安信息技术有限公司 | Use method of distributed password service platform key management |
CN109347625B (en) * | 2018-08-31 | 2020-04-24 | 阿里巴巴集团控股有限公司 | Password operation method, work key creation method, password service platform and equipment |
CN109326061B (en) * | 2018-09-10 | 2021-10-26 | 惠尔丰(中国)信息系统有限公司 | Anti-cutting method of intelligent POS |
CN109274684B (en) * | 2018-10-31 | 2020-12-29 | 中国—东盟信息港股份有限公司 | Internet of things terminal system based on integration of eSIM communication and navigation service and implementation method thereof |
CN109547208B (en) * | 2018-11-16 | 2021-11-09 | 交通银行股份有限公司 | Online distribution method and system for master key of financial electronic equipment |
CN109670289B (en) * | 2018-11-20 | 2020-12-15 | 福建联迪商用设备有限公司 | Method and system for identifying legality of background server |
CN109508995A (en) * | 2018-12-12 | 2019-03-22 | 福建新大陆支付技术有限公司 | A kind of off line authorization method and payment terminal based on payment terminal |
CN109510711B (en) * | 2019-01-08 | 2022-04-01 | 深圳市网心科技有限公司 | Network communication method, server, client and system |
CN111627174A (en) * | 2019-02-28 | 2020-09-04 | 南京摩铂汇信息技术有限公司 | Bluetooth POS equipment and payment system |
CN110011794B (en) * | 2019-04-11 | 2021-08-13 | 北京智芯微电子科技有限公司 | Cipher machine key attribute testing method |
CN109995532A (en) * | 2019-04-11 | 2019-07-09 | 晏福平 | A kind of online management method and system of terminal master key |
CN110061848B (en) * | 2019-04-17 | 2021-09-14 | 飞天诚信科技股份有限公司 | Method for safely importing secret key of payment terminal, payment terminal and system |
CN110545542B (en) * | 2019-06-13 | 2023-03-14 | 银联商务股份有限公司 | Main control key downloading method and device based on asymmetric encryption algorithm and computer equipment |
CN112532567A (en) * | 2019-09-19 | 2021-03-19 | 中国移动通信集团湖南有限公司 | Transaction encryption method and POSP system |
CN110855442A (en) * | 2019-10-10 | 2020-02-28 | 北京握奇智能科技有限公司 | PKI (public key infrastructure) technology-based inter-device certificate verification method |
CN111132154B (en) * | 2019-12-26 | 2022-10-21 | 飞天诚信科技股份有限公司 | Method and system for negotiating session key |
CN111193748B (en) * | 2020-01-06 | 2021-12-03 | 惠州市德赛西威汽车电子股份有限公司 | Interactive key security authentication method and system |
CN111275440B (en) * | 2020-01-19 | 2023-11-10 | 中钞科堡现金处理技术(北京)有限公司 | Remote key downloading method and system |
TWI775061B (en) * | 2020-03-30 | 2022-08-21 | 尚承科技股份有限公司 | Protection system and method for soft/firmware or data |
CN111597512B (en) * | 2020-03-31 | 2023-10-31 | 尚承科技股份有限公司 | Soft firmware or data protection system and protection method |
CN111526013B (en) * | 2020-04-17 | 2023-05-05 | 中国人民银行清算总中心 | Key distribution method and system |
CN111884804A (en) * | 2020-06-15 | 2020-11-03 | 上海祥承通讯技术有限公司 | Remote key management method |
CN111815811B (en) * | 2020-06-22 | 2022-09-06 | 合肥智辉空间科技有限责任公司 | Electronic lock safety coefficient |
CN111950999A (en) * | 2020-07-28 | 2020-11-17 | 银盛支付服务股份有限公司 | Method and system for realizing IC card based secret key filling safety on POS machine |
CN111931206A (en) * | 2020-07-31 | 2020-11-13 | 银盛支付服务股份有限公司 | Data encryption method based on APP |
CN112134849B (en) * | 2020-08-28 | 2024-02-20 | 国电南瑞科技股份有限公司 | Dynamic trusted encryption communication method and system for intelligent substation |
CN112311528B (en) * | 2020-10-17 | 2023-06-23 | 深圳市德卡科技股份有限公司 | Data security transmission method based on cryptographic algorithm |
CN112291232B (en) * | 2020-10-27 | 2021-06-04 | 中国联合网络通信有限公司深圳市分公司 | Safety capability and safety service chain management platform based on tenants |
CN112332978B (en) * | 2020-11-10 | 2022-09-20 | 上海商米科技集团股份有限公司 | Remote key injection method based on key agreement |
CN112396416A (en) * | 2020-11-18 | 2021-02-23 | 上海商米科技集团股份有限公司 | Method for loading certificate of intelligent POS equipment |
CN112560058B (en) * | 2020-12-17 | 2022-12-30 | 山东华芯半导体有限公司 | SSD partition encryption storage system based on intelligent password key and implementation method thereof |
CN112968776B (en) * | 2021-02-02 | 2022-09-02 | 中钞科堡现金处理技术(北京)有限公司 | Method, storage medium and electronic device for remote key exchange |
CN113037494B (en) * | 2021-03-02 | 2023-05-23 | 福州汇思博信息技术有限公司 | Burning piece mirror image file signature method and terminal |
CN113450511A (en) * | 2021-03-25 | 2021-09-28 | 深圳怡化电脑科技有限公司 | Transaction method of acceptance terminal equipment and bank system and acceptance terminal equipment |
CN113132980B (en) * | 2021-04-02 | 2023-10-13 | 四川省计算机研究院 | Key management system method and device applied to Beidou navigation system |
CN113328851B (en) * | 2021-04-21 | 2022-01-14 | 北京连山科技股份有限公司 | Method and system for randomly transmitting secret key under multilink condition |
CN113708923A (en) * | 2021-07-29 | 2021-11-26 | 银盛支付服务股份有限公司 | Method and system for remotely downloading master key |
CN113645221A (en) * | 2021-08-06 | 2021-11-12 | 中国工商银行股份有限公司 | Encryption method, device, equipment, storage medium and computer program |
CN113810391A (en) * | 2021-09-01 | 2021-12-17 | 杭州视洞科技有限公司 | Cross-machine-room communication bidirectional authentication and encryption method |
CN113612612A (en) * | 2021-09-30 | 2021-11-05 | 阿里云计算有限公司 | Data encryption transmission method, system, equipment and storage medium |
CN114423003B (en) * | 2021-12-29 | 2024-01-30 | 中国航空工业集团公司西安飞机设计研究所 | Airplane key comprehensive management method and system |
CN114499891A (en) * | 2022-03-21 | 2022-05-13 | 宁夏凯信特信息科技有限公司 | Signature server system and signature verification method |
CN114726521A (en) * | 2022-04-14 | 2022-07-08 | 广东好太太智能家居有限公司 | Intelligent lock temporary password generation method and electronic equipment |
CN116865966B (en) * | 2023-09-04 | 2023-12-05 | 中量科(南京)科技有限公司 | Encryption method, device and storage medium for generating working key based on quantum key |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1901445A (en) * | 2005-07-22 | 2007-01-24 | 华为技术有限公司 | Distributing method for transmission key |
CN101527714A (en) * | 2008-12-31 | 2009-09-09 | 北京飞天诚信科技有限公司 | Method, device and system for accreditation |
CA2766491A1 (en) * | 2009-06-25 | 2010-12-29 | China Unionpay Co., Ltd. | A method and system for securely and automatically downloading a master key in a bank card payment system |
CN102647274A (en) * | 2012-04-12 | 2012-08-22 | 福建联迪商用设备有限公司 | POS (Point of Sale) terminal, terminal accessing device, main key managing system and method thereof |
Family Cites Families (62)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS57157371A (en) * | 1981-03-24 | 1982-09-28 | Sharp Corp | Electronic cash register |
JP2993833B2 (en) * | 1993-11-29 | 1999-12-27 | 富士通株式会社 | POS system |
JPH10112883A (en) * | 1996-10-07 | 1998-04-28 | Hitachi Ltd | Radio communication exchange system, exchange, public key management device, mobile terminal and mobile terminal recognizing method |
BRPI0009229B8 (en) * | 1999-03-22 | 2021-05-25 | Purac Biochem Bv | lactic acid purification process on an industrial scale. |
CN1127033C (en) * | 2000-07-20 | 2003-11-05 | 天津南开戈德集团有限公司 | Radio mobile network point of sale (POS) terminal system and operation method thereof |
US7110986B1 (en) * | 2001-04-23 | 2006-09-19 | Diebold, Incorporated | Automated banking machine system and method |
KR100641824B1 (en) * | 2001-04-25 | 2006-11-06 | 주식회사 하렉스인포텍 | A payment information input method and mobile commerce system using symmetric cipher system |
JP2002366285A (en) * | 2001-06-05 | 2002-12-20 | Matsushita Electric Ind Co Ltd | Pos terminal |
GB2401293B (en) * | 2002-01-17 | 2004-12-22 | Toshiba Res Europ Ltd | Data transmission links |
JP2003217028A (en) * | 2002-01-24 | 2003-07-31 | Tonfuu:Kk | Operation situation monitoring system for pos terminal device |
US7395427B2 (en) * | 2003-01-10 | 2008-07-01 | Walker Jesse R | Authenticated key exchange based on pairwise master key |
JP2005117511A (en) * | 2003-10-10 | 2005-04-28 | Nec Corp | Quantum cipher communication system and quantum cipher key distributing method used therefor |
KR101282972B1 (en) * | 2004-03-22 | 2013-07-08 | 삼성전자주식회사 | Authentication between a device and a portable storage |
US20060093149A1 (en) * | 2004-10-30 | 2006-05-04 | Shera International Ltd. | Certified deployment of applications on terminals |
DE102005022019A1 (en) * | 2005-05-12 | 2007-02-01 | Giesecke & Devrient Gmbh | Secure processing of data |
KR100652125B1 (en) * | 2005-06-03 | 2006-12-01 | 삼성전자주식회사 | Mutual authentication method for managing and authenticating between service provider, terminal and user identify module at one time and terminal, and the system thereof |
EP2013831A4 (en) * | 2006-02-22 | 2010-12-22 | Hypercom Corp | Secure electronic transaction system |
JP2007241351A (en) * | 2006-03-06 | 2007-09-20 | Cela System:Kk | Customer/commodity integrated management system by customer/commodity/purchase management system (including pos) and mobile terminal |
EP1833009B1 (en) * | 2006-03-09 | 2019-05-08 | First Data Corporation | Secure transaction computer network |
US7818264B2 (en) * | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
CN101064695A (en) * | 2007-05-16 | 2007-10-31 | 杭州看吧科技有限公司 | P2P(Peer to Peer) safe connection method |
CN101145913B (en) * | 2007-10-25 | 2010-06-16 | 东软集团股份有限公司 | A method and system for network security communication |
WO2009070041A2 (en) * | 2007-11-30 | 2009-06-04 | Electronic Transaction Services Limited | Payment system and method of operation |
CN101541002A (en) * | 2008-03-21 | 2009-09-23 | 展讯通信(上海)有限公司 | Web server-based method for downloading software license of mobile terminal |
CN101615322B (en) * | 2008-06-25 | 2012-09-05 | 上海富友金融网络技术有限公司 | Mobile terminal payment method and mobile terminal payment system for realizing magnetic payment function |
JP4666240B2 (en) * | 2008-07-14 | 2011-04-06 | ソニー株式会社 | Information processing apparatus, information processing method, program, and information processing system |
CN101686225A (en) * | 2008-09-28 | 2010-03-31 | 中国银联股份有限公司 | Methods of data encryption and key generation for on-line payment |
KR20100052668A (en) * | 2008-11-11 | 2010-05-20 | 노틸러스효성 주식회사 | Method for on-line sharing of tmk(terminal master key) between atm and host |
JP5329184B2 (en) * | 2008-11-12 | 2013-10-30 | 株式会社日立製作所 | Public key certificate verification method and verification server |
CN101425208B (en) * | 2008-12-05 | 2010-11-10 | 浪潮齐鲁软件产业有限公司 | Method for safely downloading cipher key of finance tax-controlling cashing machine |
CN101719895A (en) * | 2009-06-26 | 2010-06-02 | 中兴通讯股份有限公司 | Data processing method and system for realizing secure communication of network |
CN101593389B (en) * | 2009-07-01 | 2012-04-18 | 中国建设银行股份有限公司 | Key management method and key management system for POS terminal |
CN101631305B (en) * | 2009-07-28 | 2011-12-07 | 交通银行股份有限公司 | Encryption method and system |
CN101656007B (en) * | 2009-08-14 | 2011-02-16 | 通联支付网络服务股份有限公司 | Safe system realizing one machine with multiple ciphers on POS machine and method thereof |
CN102064939B (en) * | 2009-11-13 | 2013-06-12 | 福建联迪商用设备有限公司 | Method for authenticating point of sail (POS) file and method for maintaining authentication certificate |
CN101710436B (en) * | 2009-12-01 | 2011-12-14 | 中国建设银行股份有限公司 | Method and system for controlling POS terminal and POS terminal management equipment |
CN101807994B (en) * | 2009-12-18 | 2012-07-25 | 北京握奇数据系统有限公司 | Method and system for application data transmission of IC card |
CN102148799B (en) * | 2010-02-05 | 2014-10-22 | 中国银联股份有限公司 | Key downloading method and system |
CN201656997U (en) * | 2010-04-28 | 2010-11-24 | 中国工商银行股份有限公司 | Device for generating transmission key |
CN101807997B (en) * | 2010-04-28 | 2012-08-22 | 中国工商银行股份有限公司 | Device and method for generating transmission key |
CN102262760A (en) * | 2010-05-28 | 2011-11-30 | 杨筑平 | Transaction secrecy method, acceptance apparatus and submission software |
US8856509B2 (en) * | 2010-08-10 | 2014-10-07 | Motorola Mobility Llc | System and method for cognizant transport layer security (CTLS) |
CN101938520B (en) * | 2010-09-07 | 2015-01-28 | 中兴通讯股份有限公司 | Mobile terminal signature-based remote payment system and method |
CN101976403A (en) * | 2010-10-29 | 2011-02-16 | 北京拉卡拉网络技术有限公司 | Phone number payment platform, payment trading system and method thereof |
CN102013982B (en) * | 2010-12-01 | 2012-07-25 | 银联商务有限公司 | Long-distance encryption method, management method, as well as encryption management method, device and system |
CN102903189A (en) * | 2011-07-25 | 2013-01-30 | 上海昂贝电子科技有限公司 | Terminal transaction method and device |
CN102394749B (en) * | 2011-09-26 | 2014-03-05 | 深圳市文鼎创数据科技有限公司 | Line protection method, system, information safety equipment and application equipment for data transmission |
CN102521935B (en) * | 2011-12-15 | 2013-12-11 | 福建联迪商用设备有限公司 | Method and apparatus for state detection of POS machine |
CN102592369A (en) * | 2012-01-14 | 2012-07-18 | 福建联迪商用设备有限公司 | Method for self-service terminal access to financial transaction center |
CN102624710B (en) * | 2012-02-27 | 2015-03-11 | 福建联迪商用设备有限公司 | Sensitive information transmission method and sensitive information transmission system |
CN102624711B (en) * | 2012-02-27 | 2015-06-03 | 福建联迪商用设备有限公司 | Sensitive information transmission method and sensitive information transmission system |
CN102707972B (en) * | 2012-05-02 | 2016-03-09 | 银联商务有限公司 | A kind of POS terminal method for updating program and system |
CN102768744B (en) * | 2012-05-11 | 2016-03-16 | 福建联迪商用设备有限公司 | A kind of remote safe payment method and system |
CN102868521B (en) * | 2012-09-12 | 2015-03-04 | 成都卫士通信息产业股份有限公司 | Method for enhancing secret key transmission of symmetrical secret key system |
CN103116505B (en) * | 2012-11-16 | 2016-05-25 | 福建联迪商用设备有限公司 | A kind of method that Auto-matching is downloaded |
CN103117855B (en) * | 2012-12-19 | 2016-07-06 | 福建联迪商用设备有限公司 | A kind of method of the method generating digital certificate and backup and recovery private key |
CN103237005A (en) * | 2013-03-15 | 2013-08-07 | 福建联迪商用设备有限公司 | Method and system for key management |
CN103220270A (en) * | 2013-03-15 | 2013-07-24 | 福建联迪商用设备有限公司 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
CN103714638B (en) * | 2013-03-15 | 2015-09-30 | 福建联迪商用设备有限公司 | A kind of method and system of quick position terminal master key failed download |
CN103237004A (en) * | 2013-03-15 | 2013-08-07 | 福建联迪商用设备有限公司 | Key download method, key management method, method, device and system for download management |
CN103220271A (en) * | 2013-03-15 | 2013-07-24 | 福建联迪商用设备有限公司 | Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key |
CN103269266B (en) * | 2013-04-27 | 2016-07-06 | 北京宏基恒信科技有限责任公司 | The safety certifying method of dynamic password and system |
-
2013
- 2013-12-27 CN CN201310740644.XA patent/CN103714638B/en active Active
- 2013-12-27 CN CN201310740231.1A patent/CN103714635B/en active Active
- 2013-12-27 CN CN201310741948.8A patent/CN103714639B/en active Active
- 2013-12-27 CN CN201310740642.0A patent/CN103731259B/en active Active
- 2013-12-27 CN CN201310740360.0A patent/CN103714636B/en active Active
- 2013-12-27 CN CN201310740158.8A patent/CN103716320B/en active Active
- 2013-12-27 CN CN201310740537.7A patent/CN103746800B/en active Active
- 2013-12-27 CN CN201310740540.9A patent/CN103716154B/en active Active
- 2013-12-27 CN CN201310740308.5A patent/CN103729941B/en active Active
- 2013-12-27 CN CN201310740430.2A patent/CN103729943B/en active Active
- 2013-12-27 CN CN201310742991.6A patent/CN103714641B/en active Active
- 2013-12-27 CN CN201310740285.8A patent/CN103729940B/en active Active
- 2013-12-27 CN CN201310740226.0A patent/CN103714634B/en active Active
- 2013-12-27 CN CN201310740574.8A patent/CN103729945B/en active Active
- 2013-12-27 CN CN201310742886.2A patent/CN103716321B/en active Active
- 2013-12-27 CN CN201310740264.6A patent/CN103701812B/en active Active
- 2013-12-27 CN CN201310740567.8A patent/CN103729944B/en active Active
- 2013-12-27 CN CN201310742681.4A patent/CN103714640B/en active Active
- 2013-12-27 CN CN201310740410.5A patent/CN103729942B/en active Active
- 2013-12-27 CN CN201310740100.3A patent/CN103714633B/en active Active
- 2013-12-27 CN CN201310742686.7A patent/CN103745351B/en active Active
- 2013-12-27 CN CN201310740188.9A patent/CN103716153B/en active Active
- 2013-12-27 CN CN201310742661.7A patent/CN103716167B/en active Active
- 2013-12-27 CN CN201310741949.2A patent/CN103731260B/en active Active
- 2013-12-27 CN CN201310740244.9A patent/CN103701609B/en active Active
- 2013-12-27 CN CN201310742648.1A patent/CN103716155B/en active Active
- 2013-12-27 CN CN201310740380.8A patent/CN103714637B/en active Active
- 2013-12-27 CN CN201310742713.0A patent/CN103701610B/en active Active
-
2014
- 2014-03-11 WO PCT/CN2014/073220 patent/WO2014139408A1/en active Application Filing
- 2014-03-11 WO PCT/CN2014/073215 patent/WO2014139406A1/en active Application Filing
- 2014-03-11 WO PCT/CN2014/073225 patent/WO2014139412A1/en active Application Filing
- 2014-03-11 WO PCT/CN2014/073224 patent/WO2014139411A1/en active Application Filing
- 2014-03-11 WO PCT/CN2014/073205 patent/WO2014139403A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1901445A (en) * | 2005-07-22 | 2007-01-24 | 华为技术有限公司 | Distributing method for transmission key |
CN101527714A (en) * | 2008-12-31 | 2009-09-09 | 北京飞天诚信科技有限公司 | Method, device and system for accreditation |
CA2766491A1 (en) * | 2009-06-25 | 2010-12-29 | China Unionpay Co., Ltd. | A method and system for securely and automatically downloading a master key in a bank card payment system |
CN102647274A (en) * | 2012-04-12 | 2012-08-22 | 福建联迪商用设备有限公司 | POS (Point of Sale) terminal, terminal accessing device, main key managing system and method thereof |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103716167B (en) | Method and device for safely collecting and distributing transmission keys | |
CN103716168B (en) | Secret key management method and system | |
CN103716322B (en) | Secret key download method, management method, download management method, secret key download device, secret key management device and secret key download management system | |
CN103714642B (en) | Key downloading method, management method, downloading management method and device and system | |
CN106096947B (en) | The half off-line anonymous method of payment based on NFC | |
CN103729946A (en) | Key downloading method, key managing method and downloading managing method, device and system | |
CN108323230A (en) | A kind of method of transmission key receives terminal and distribution terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |